A vulnerability classified as critical was found in Cacti up to 1.2.25. This vulnerability affects unknown code of the file managers.php of the component HTTP GET Handler. The manipulation of the argument selected_graphs_array leads to sql injection.
This vulnerability was named CVE-2023-51448. The attack can be initiated remotely. There is no exploit available.